Managing for Success: Maintaining a Healthy Bug Bounty Program Long Term

Black Hat USA 2019

Presented by: Chloe Brown
Date: Thursday August 08, 2019
Time: 12:10 - 13:00
Location: Mandalay Bay CD

Your bounty program has launched and is clicking along… but are you getting optimal results once the initial excitement wanes? How do you measure and report on program success? How can you build gamification and incentive models that lead to high value vulnerability reports, while discouraging low impact reports that distract your engineers from issues that put customers at risk? And while everyone hopes to never need it, what’s the playbook for handling conflict or vulnerability disclosure situations?

Chloe Brown

Chloe Brown has spent over a decade passionately crafting connections between community members and development teams. After many years in the gaming industry, Chloe brought her substantial skills for building trusted relationships, facilitating actionable feedback, and creating content for customer acquisition, engagement and retention to the security industry as a Researcher Operations Program Manager for a bug bounty platform in 2016.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats